CN111314179B - Network quality detection method, device, equipment and storage medium - Google Patents
Network quality detection method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN111314179B CN111314179B CN202010116711.0A CN202010116711A CN111314179B CN 111314179 B CN111314179 B CN 111314179B CN 202010116711 A CN202010116711 A CN 202010116711A CN 111314179 B CN111314179 B CN 111314179B
- Authority
- CN
- China
- Prior art keywords
- network quality
- packet
- client
- information
- connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 57
- 238000004891 communication Methods 0.000 claims abstract description 26
- 238000000034 method Methods 0.000 claims abstract description 25
- 230000004044 response Effects 0.000 claims description 25
- 238000012423 maintenance Methods 0.000 claims description 11
- 238000012216 screening Methods 0.000 claims description 3
- 230000002159 abnormal effect Effects 0.000 claims description 2
- 238000004590 computer program Methods 0.000 claims description 2
- 230000003993 interaction Effects 0.000 abstract description 11
- 230000008569 process Effects 0.000 abstract description 6
- 230000005540 biological transmission Effects 0.000 description 9
- 238000010586 diagram Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 4
- 238000012544 monitoring process Methods 0.000 description 4
- 230000006872 improvement Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008707 rearrangement Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/0816—Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0823—Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/16—Threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/20—Support for services
- H04L49/208—Port mirroring
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention discloses a network quality detection method, a network quality detection device, network quality detection equipment and a storage medium. The method comprises the following steps: acquiring a flow data packet of a client at a core interaction machine; maintaining a connection session table according to the five-tuple in the flow data packet; and determining network quality information of the client based on the connection session table. According to the technical scheme provided by the embodiment of the invention, the network quality of the client is detected through the flow data packet acquired by the core interaction machine, so that the communication bandwidth occupation in the network quality detection process is reduced, the authenticity of the detection address is improved, and the accuracy of network quality detection is improved.
Description
Technical Field
The embodiment of the invention relates to the technical field of network communication, in particular to a network quality detection method, a network quality detection device, a vehicle and a storage medium.
Background
When the enterprise data center provides services such as video, live broadcast and the like for Internet users in web, app and the like, network instructions are of great importance to the user's use experience, and because the users are distributed in different regions and use different IP addresses and different operator networks, the network quality of the users is identified in real time and optimized, and the enterprise data center has an important role in improving the service quality.
The detection of the existing network quality comprises two types, wherein one type is that a client side sends detection messages with a characteristic number to a server side at regular time, and the server side counts the number of the received detection messages and judges the network quality; and the other is a stream kernel protocol stack on each server externally provided by the data center, so as to acquire the network quality information of the target network address. However, there are several disadvantages to the above: the communication bandwidth is occupied, the detected address is not a real user, the detection result is not real enough, in addition, the server is excessively occupied, the maintenance and management difficulty is high, and the load of the server is excessive.
Disclosure of Invention
The invention provides a network quality detection method, a device, equipment and a storage medium, which are used for reducing the bandwidth occupation in the network quality detection process, improving the accuracy of network quality detection and reducing the maintenance difficulty of a server.
In a first aspect, an embodiment of the present invention provides a network quality detection method, where the method includes:
acquiring a flow data packet at a core interaction machine;
maintaining a connection session table according to the five-tuple in the flow data packet;
and determining network quality information of the client based on the connection session table.
The second method, the embodiment of the invention provides a network quality detection device, which comprises the following steps:
the packet acquisition module is used for acquiring the flow data packet at the core interaction machine;
the table maintenance module is used for maintaining a connection session table according to the five-tuple in the flow data packet;
and the information determining module is used for determining the network quality information of the client based on the connection session table.
In a third aspect, an embodiment of the present invention provides an apparatus, including:
one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the network quality detection method as described in any of the embodiments of the present invention.
In a fourth aspect, an embodiment of the present invention provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a network quality detection method according to any of the embodiments of the present invention.
According to the technical scheme of the embodiment of the invention, the five-tuple in each flow data packet is acquired by acquiring the flow data packet at the core switch to maintain the connection session table, and the network quality information of the client is determined according to the connection session table, so that the network quality detection of the client is realized, the occupation of communication bandwidth is reduced, the authenticity of network quality detection is improved, the unnecessary occupation of a server is reduced, and the communication performance of the server is improved.
Drawings
Fig. 1 is a flowchart of a network quality detection method according to a first embodiment of the present invention;
fig. 2 is a hardware architecture diagram of a network quality detection method according to a first embodiment of the present invention;
fig. 3 is a flowchart of a network quality detection method according to a second embodiment of the present invention;
fig. 4 is an exemplary diagram of packet loss detection according to a second embodiment of the present invention;
fig. 5 is a schematic structural diagram of a network quality detecting device according to a third embodiment of the present invention;
fig. 6 is a schematic structural diagram of an apparatus according to a fourth embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting thereof. It should be noted that, for convenience of description, only some, but not all of the structures related to the present invention are shown in the drawings, and furthermore, embodiments of the present invention and features in the embodiments may be combined with each other without conflict.
Example 1
Fig. 1 is a flowchart of a network quality detection method according to an embodiment of the present invention, where the method may be applicable to detecting a client network quality, and the method may be performed by a network quality detection device, where the device may be implemented in hardware and/or software, and referring to fig. 1, the method provided by the embodiment of the present invention includes:
and step 101, acquiring a flow data packet of the client at the core interaction machine.
The core switch may be a device in the enterprise data center for switching the external network data to the data center, and the traffic data packets of the client may be transmitted to the enterprise data center through the core interaction machine. The traffic data packets may be data packets of a client that exchanges data with the enterprise data center, and the traffic data packets may be transferred through a connection session, for example, the traffic data packets may be transferred to the enterprise data center after the client establishes a TCP session connection with the enterprise data center.
In the embodiment of the present invention, the traffic data packets of the client may be grabbed at the core switch, for example, the mirror ports may be set at the core switch in the network intrusion detection system (Network Instrusion Detection System, NIDS) to grab the traffic data packets flowing into the core switch, and it is understood that the source client of the traffic data packets may be multiple. Fig. 2 is a hardware architecture diagram of a network quality detection method according to an embodiment of the present invention, referring to fig. 2, a core switch may be a core device that may perform data exchange with a client in an external network by an enterprise data center. Traffic packets may all flow through the core switch to the enterprise data center, and traffic packets flowing through the core switch may be captured by mirroring the NISD setup port.
And 102, maintaining a connection session table according to the five-tuple in the flow data packet.
Further, on the basis of the above embodiment of the present invention, the five-tuple includes a source IP address, a destination IP address, a source port address, a destination port address, and a transport layer protocol.
The five-tuple may be an information set for communication transmission of a traffic data packet, where the traffic data packet may be transferred between the client and the enterprise data center through the five-tuple, and it may be understood that the five-tuple may specifically include a source IP address, a destination IP address, a source port address, a destination port address, and a transport layer protocol. The connection session table may be a data table storing session connection information, and may include information such as an uplink/downlink traffic size of a traffic packet, uplink/downlink packet data, uplink/downlink direction, and connection sequence number.
Specifically, a connection session table may be created in advance, when a traffic data packet is acquired, connection information in the traffic data packet may be extracted and stored in the connection session table, connection information of the traffic data packet may be stored according to different session connections, for example, connection information of the traffic data packet belonging to the same TCP session connection may be stored in the same table entry in the connection session table, and five-tuple of the traffic data packet transmitted in the same TCP session connection may be combined and stored.
And step 103, determining the network quality information of the client based on the connection session table.
The network quality information may be data reflecting the quality of traffic packet transmission between the client and the enterprise data center, and may include packet loss rate, transmission delay, etc.
Specifically, the connection session table may store relevant information of connection sessions between each client and the enterprise data center, and network quality information of each client may be determined through the connection information in the connection session table, where the network quality information may include packet data, packet loss number, response duration, and other information corresponding to the client in an up/down direction of the connection session. For example, the ratio of the number of lost packets to all data packets in the connection session of each client can be counted according to the connection session table as the packet loss rate of the corresponding client.
According to the technical scheme, the flow data packet of the client is obtained through the core interaction machine, the connection session table is maintained through the five-tuple of the flow data packet, and the network quality information of the client is determined according to the connection session table, so that the quick detection of the network quality of the client is realized, the bandwidth occupation in the detection process is reduced, and the authenticity of network quality detection is improved.
Further, on the basis of the above embodiment of the present invention, the connection session table includes connection information of at least one connection session, where the connection information includes at least one of an uplink/downlink traffic size, uplink/downlink packet data, an uplink/downlink direction, and a TCP sequence number.
In the embodiment of the invention, a connection session table is preset, when the client performs data interaction with the enterprise data center through the connection session, the connection session table can be maintained according to the flow data packet of the client, and it can be understood that the information stored in the connection session table is the relevant information of the connection session between the client and the enterprise data center, for example, the relevant information of the connection of the TCP session can be stored in the connection session information, such as the up/down flow size, the up/down packet data, the up/down direction, the TCP serial number sequence number and the like.
Example two
Fig. 3 is a flowchart of a network quality detection method according to a second embodiment of the present invention, where the embodiment of the present invention is based on the embodiment of the present invention, and referring to fig. 3, the method according to the embodiment of the present invention includes:
step 201, establishing a port mirror image of the core switch.
The port mirror image may be a function of forwarding traffic packets of one or more source ports to a designated port on a core switch to implement network monitoring.
Specifically, a port mirror image may be established on the core switch, for example, a flow packet acquired by a data port in the core switch may be forwarded to a destination port of the NIDS device, so as to implement the port mirror image of the core switch.
And 202, capturing a flow data packet from the network card of the core switch through the port mirror image.
In the embodiment of the invention, the flow data packet obtained by the port mirror image can be captured from the network card through the DPDK framework of the open source, and it can be understood that the way of capturing the flow data packet is not limited to the use of the DPDK framework, and the flow data packet in the mirror image port can be captured by using frameworks such as pcap or pf_ring.
And 203, analyzing the communication information in the flow data packet to generate a quintuple.
Specifically, the communication information may be information used for data transmission of the traffic data packet, may be information such as a source address, a destination port, a source port, a transport layer protocol, and the like of the connection session, and may read the traffic data packet into a memory to analyze to obtain the information such as the source address, the destination port, the source port, the transport layer protocol, and the like as a quintuple.
And 204, searching a corresponding connection session in the connection session table according to the five-tuple, if so, updating the connection session according to the five-tuple, otherwise, creating a new connection session in the connection session table according to the five-tuple.
In the embodiment of the present invention, a connection session table may be maintained all the time, where the connection session table may include information such as uplink/downlink traffic size, uplink/downlink packet data, uplink/downlink direction, TCP Sequence Number, etc. of a connection session, when a five-tuple of a traffic data packet is obtained, the connection session to which the five-tuple belongs may be searched in the connection session table according to the five-tuple, if the corresponding connection session may be searched, it may be determined that the connection session already exists in the connection session table, relevant information of the connection session in the connection session table may be updated according to the five-tuple of the traffic data packet, for example, information such as total Number of packets, packet loss Number, transmission delay, etc. of the connection session may be updated, and if the corresponding connection session cannot be searched in the connection session table, a new connection session may be created according to the five-tuple.
Step 205, when the connection session of the client ends, the number of retransmission packets, uplink/downlink packet data and packet response time corresponding to the connection session in the connection session table are searched.
The number of retransmission packets may be the number of traffic packets that are failed to be sent and retransmitted during the duration of the connection session. For example, fig. 4 is an exemplary diagram of packet loss detection provided in the second embodiment of the present invention, referring to fig. 4, a TCP session connection may be a reliable connection, and if a receiving end does not accept and confirms a data packet sent by a sending end to the receiving end, the sending end may perform retransmission processing, and according to this characteristic, identify a TCP retransmission packet in the whole session process, so as to detect a packet loss condition of the current TCP connection.
In the embodiment of the invention, when the client ends the connection session, the network quality of the client is determined according to the transmission condition of the traffic data packet in the connection process of the connection session, and specifically, the number of retransmission data packets, uplink/downlink packet data and packet response time of the connection session in the duration time can be counted for the ended connection session.
And 206, taking the retransmission packet number, the uplink/downlink packet data and the packet response time as network quality information corresponding to the client.
In the embodiment of the invention, the information such as the number of retransmission packets, the uplink/downlink packet data, the packet response time and the like can be used as the network quality information of the client, for example, the proportion of the number of retransmission packets to the uplink/downlink packet data can be used as the packet loss rate, the packet loss rate can be used as the network quality information, and a network quality measurement index can be generated as the network quality information by weighting calculation of the number of retransmission packets, the uplink/downlink packet data and the packet response time.
Step 207, storing the network quality information through a local log and/or a Kafka push message.
Specifically, the network quality information may be stored permanently by means of local logs and/or Kafka push messages, for example, when the TCP connection is over, information such as packet data, the number of dropped packets, etc. in the uplink/downlink direction of the TCP connection is recorded, and information such as packet response duration, etc. The recording manner is not limited to the local log, the kafka push message, and the like.
And step 208, adjusting the network configuration of the client according to the network quality information so as to perform network quality tuning.
The network configuration may be a configuration of changing session connection of the client, and may include changing routing table information to change a transmission path of the traffic data packet, so as to achieve a goal of modulating a preferred path.
Specifically, the network quality information of the client can be compared with a preset monitoring threshold, and when the network quality information of the client is higher than the monitoring threshold, the network configuration of the transmission flow data packet of the client can be changed, so that the improvement of the network quality and the improvement of the user experience are realized. For example, the network quality data may be aggregated, counted according to a certain time period (e.g., 3 min), and the routing information may be adjusted for the client whose network quality information exceeds the monitoring threshold in the time period.
According to the technical scheme, the port mirror image of the core switch is established, the traffic data packet is captured at the port mirror image, the communication information of the traffic data packet is analyzed to generate the quintuple, the corresponding connection session is searched in the connection session table according to the quintuple, if the corresponding connection session exists, the quintuple is updated, if the corresponding connection session does not exist, a new connection session is created according to the quintuple, when the connection session is finished, the number of retransmission packets, up/down packet data and packet response time corresponding to the connection session are searched in the connection session table and used as network quality information, the network quality information is stored, and the network configuration of the client is adjusted according to the network quality information, so that the quick performance of network quality detection is realized, the occupation of communication bandwidth is reduced, the authenticity of network quality detection is improved, the unnecessary server occupation is reduced, the communication performance of the server is improved, meanwhile, the network of the client is optimized through the network quality, the loss rate of the traffic data packet is reduced, and the network quality of the client is improved.
Further, on the basis of the above embodiment of the present invention, the parsing the communication information in the traffic data packet to generate a five-tuple includes:
obtaining a buffer area address and a buffer area length of a flow data packet in a memory, and screening out a communication protocol of the flow data packet; and analyzing the communication information in the flow data packet according to the buffer address, the buffer length and the communication protocol to generate a quintuple.
In the embodiment of the invention, the buffer area address and the buffer area length of the flow data packet can be obtained, the position of the flow data packet in the buffer area in the memory can be determined according to the buffer area address and the buffer area length, and the source ip, the destination ip, the source port, the destination port, the transport layer protocol and other communication information of the flow data packet can be read in the buffer area according to the format of the communication protocol to form five-tuple.
Further, on the basis of the above embodiment of the present invention, the modulating the network configuration of the client according to the network quality information to perform network quality tuning includes:
counting the number of packet data, the number of retransmission packets and the packet response time in the threshold time in the network quality information for each client; acquiring the number of the packet data, the number of retransmission packets and the client IP address of which the packet response time exceeds a threshold condition; and modifying the IP network segment and/or the originating ASN routing information corresponding to the IP address of the client so as to adjust the network quality of the client.
Specifically, the network quality information may be counted according to different clients, and the packet data amount, the retransmission packet amount and the packet response time in the threshold time are obtained, where the threshold time may be a period of time, for example, three minutes or five minutes. The counted number of packet data, the number of retransmission packets and the packet response time can be compared with threshold conditions, and when the threshold conditions are exceeded, it can be understood that the threshold conditions can be conditions for judging that the network quality of the client is poor, for example, the packet loss rate or the packet response time can be specific, and the packet loss rate can be specific, the ratio of the number of retransmission packets to the number of packet data. The condition that the packet loss rate exceeds the threshold value may mean that the packet loss rate of the client exceeds a preset packet loss rate in the threshold value condition, an IP address of the client may be obtained, and routing information of an IP network segment or an originating ASN corresponding to the IP address may be changed, so that the client has a transmission link with better network quality.
Example III
Fig. 5 is a schematic structural diagram of a network quality detection device according to a third embodiment of the present invention, where the network quality detection method according to any embodiment of the present invention may be implemented, and the network quality detection device includes functional modules and beneficial effects corresponding to the implementation method. The apparatus may be implemented by software and/or hardware, and specifically includes: a packet acquisition module 301, a table maintenance module 302, and an information determination module 303.
The packet acquisition module 301 is configured to acquire a traffic packet at the core interaction machine.
The table maintenance module 302 is configured to maintain a connection session table according to the five-tuple in the flow packet.
An information determining module 303, configured to determine network quality information of the client based on the connection session table.
According to the technical scheme, the flow data packet of the client is obtained in the core interaction machine through the packet obtaining module, the table maintenance module maintains the connection session table through the five-tuple of the flow data packet, and the information determination module determines the network quality information of the client according to the connection session table, so that the quick detection of the network quality of the client is realized, the bandwidth occupation in the detection process is reduced, and the authenticity of the network quality detection is improved.
Further, on the basis of the above embodiment of the present invention, the packet acquisition module 301 includes:
and the port mirror unit is used for establishing port mirror of the core switch.
And the packet grabbing unit is used for grabbing the flow data packet from the network card of the core switch through the port mirror image.
Further, on the basis of the above embodiment of the present invention, the table maintenance module 302 includes:
and the packet analysis unit is used for analyzing the communication information in the flow data packet to generate a quintuple.
And the connection session table unit is used for searching the corresponding connection session in the connection session table according to the five-tuple, if so, updating the connection session according to the five-tuple, otherwise, creating a new connection session in the connection session table according to the five-tuple.
Further, on the basis of the above embodiment of the present invention, the packet parsing unit is specifically configured to:
obtaining a buffer area address and a buffer area length of a flow data packet in a memory, and screening out a communication protocol of the flow data packet; and analyzing the communication information in the flow data packet according to the buffer address, the buffer length and the communication protocol to generate a quintuple.
Further, on the basis of the above embodiment of the present invention, the five-tuple in the table maintenance module 302 includes a source IP address, a destination IP address, a source port address, a destination port address, and a transport layer protocol.
Further, on the basis of the above embodiment of the present invention, the connection session table in the table maintenance module 302 includes connection information of at least one connection session, where the connection information includes at least one of an uplink/downlink traffic size, uplink/downlink packet data, an uplink/downlink direction, and a TCP sequence number.
Further, on the basis of the above embodiment of the present invention, the information determining module 303 includes:
and the information searching unit is used for searching the quantity of retransmission packets, uplink/downlink packet data and packet response time corresponding to the connection session in the connection session table when the connection session of the client is ended.
And the network quality information unit is used for taking the retransmission packet number, the uplink/downlink packet data and the packet response time as network quality information corresponding to the client.
Further, on the basis of the above embodiment of the present invention, the network quality detection apparatus further includes:
and the network quality adjusting module is used for adjusting the network configuration of the client according to the network quality information so as to adjust the network quality.
Further, on the basis of the above embodiment of the present invention, the network tuning module includes:
and the data statistics unit is used for counting the packet data quantity, the retransmission packet quantity and the packet response time in the threshold time in the network quality information for each client.
And the abnormal IP determining unit is used for acquiring the client IP addresses of which the packet data quantity, the retransmission packet quantity and/or the packet response time exceed the threshold condition.
And the tuning configuration unit is used for changing the IP network segment and/or the origin ASN routing information corresponding to the IP address of the client so as to tune the network quality of the client.
Further, on the basis of the above embodiment of the present invention, the network quality detection apparatus further includes:
and the information storage module is used for storing the network quality information through a local log and/or a Kafka push message.
Example IV
Fig. 6 is a schematic structural diagram of an apparatus according to a fourth embodiment of the present invention, and as shown in fig. 6, the apparatus includes a controller 40, a memory 41, an input device 42, and an output device 43; the number of controllers 40 in the device may be one or more, one controller 40 being taken as an example in fig. 6; the controller 40, memory 41, input means 42 and output means 43 in the device may be connected by a bus or other means, in fig. 6 by way of example.
The memory 41 is a computer-readable storage medium that can be used to store a software program, a computer-executable program, and modules such as program modules (e.g., the packet acquisition module 301, the table maintenance module 302, and the information determination module 303) corresponding to the network quality detection method in the embodiment of the present invention. The controller 40 executes various functional applications of the vehicle and data processing, namely, implements the network quality detection method described above by running software programs, instructions, and modules stored in the memory 41.
The memory 41 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, at least one application program required for functions; the storage data area may store data created according to the use of the terminal, etc. In addition, memory 41 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some examples, memory 41 may further include memory remotely located relative to controller 40, which may be connected to the vehicle via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input means 42 may be used to receive entered numeric or character information and to generate key signal inputs related to user settings and function control of the device. The output means 43 may comprise a display device such as a display screen.
Example five
A fifth embodiment of the present invention also provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are for performing a network quality detection method, the method comprising:
acquiring a flow data packet of a client at a core interaction machine;
maintaining a connection session table according to the five-tuple in the flow data packet;
and determining network quality information of the client based on the connection session table.
Of course, the storage medium containing the computer executable instructions provided in the embodiments of the present invention is not limited to the method operations described above, and may also perform the related operations in the network quality detection method provided in any embodiment of the present invention.
From the above description of embodiments, it will be clear to a person skilled in the art that the present invention may be implemented by means of software and necessary general purpose hardware, but of course also by means of hardware, although in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, etc., and include several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments of the present invention.
It should be noted that, in the embodiment of the network quality detection apparatus, each unit and module included are only divided according to the functional logic, but are not limited to the above-mentioned division, so long as the corresponding functions can be implemented; in addition, the specific names of the functional units are also only for distinguishing from each other, and are not used to limit the protection scope of the present invention.
Note that the above is only a preferred embodiment of the present invention and the technical principle applied. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, while the invention has been described in connection with the above embodiments, the invention is not limited to the embodiments, but may be embodied in many other equivalent forms without departing from the spirit or scope of the invention, which is set forth in the following claims.
Claims (10)
1. A method for detecting network quality, comprising:
acquiring a flow data packet of a client at a core switch;
maintaining a connection session table according to the five-tuple in the flow data packet; when a flow data packet is acquired, extracting connection information in the flow data packet and storing the connection information in a connection session table, wherein the connection information of the flow data packet is stored according to different session connections;
determining network quality information of the client based on the connection session table;
the network quality detection method further comprises the following steps:
according to the network quality information, adjusting the network configuration of the client to perform network quality tuning; wherein the network configuration is a configuration for changing session connection of the client;
the adjusting the network configuration of the client according to the network quality information to perform network quality tuning includes:
counting the number of packet data, the number of retransmission packets and the packet response time in the threshold time in the network quality information for each client;
acquiring the client IP addresses of which the packet data quantity, the retransmission packet quantity and/or the packet response time exceed threshold conditions;
modifying IP network segment and/or origin ASN route information corresponding to the IP address of the client so as to adjust the network quality of the client;
the method comprises the steps of determining network quality information of the client based on the connection session table:
when the connection session of the client ends, searching the quantity of retransmission packets, uplink/downlink packet data and packet response time corresponding to the connection session in the connection session table;
and taking the retransmission packet number, the uplink/downlink packet data and the packet response time as network quality information corresponding to the client.
2. The method of claim 1, wherein the obtaining, at the core switch, traffic packets for the client comprises:
establishing a port mirror image of the core switch;
and capturing the flow data packet from the network card of the core switch through the port mirror image.
3. The method of claim 1, wherein maintaining a connection session table from the five-tuple in the traffic data packet comprises:
analyzing the communication information in the flow data packet to generate five-tuple;
and searching the corresponding connection session in the connection session table according to the five-tuple, if so, updating the connection session according to the five-tuple, otherwise, creating a new connection session in the connection session table according to the five-tuple.
4. The method of claim 3, wherein said parsing the communication information in the traffic data packet to generate a five-tuple comprises:
obtaining a buffer area address and a buffer area length of a flow data packet in a memory, and screening out a communication protocol of the flow data packet;
and analyzing the communication information in the flow data packet according to the buffer address, the buffer length and the communication protocol to generate a quintuple.
5. The method of claim 1, wherein the five-tuple comprises a source IP address, a destination IP address, a source port address, a destination port address, and a transport layer protocol.
6. The method of claim 1, wherein the connection session table includes connection information of at least one connection session, the connection information including at least one of an up/down traffic size, up/down packet data, and up/down direction and TCP sequence number.
7. The method of claim 1, further comprising storing the network quality information via a local log and/or a Kafka push message.
8. A network quality detection apparatus, comprising:
the packet acquisition module is used for acquiring the flow data packet at the core switch;
the table maintenance module is used for maintaining a connection session table according to the five-tuple in the flow data packet; when a flow data packet is acquired, extracting connection information in the flow data packet and storing the connection information in a connection session table, wherein the connection information of the flow data packet is stored according to different session connections;
the information determining module is used for determining network quality information of the client based on the connection session table;
the network quality detection device further includes:
the network quality adjusting module is used for adjusting the network configuration of the client according to the network quality information so as to adjust the network quality; wherein the network configuration is a configuration for changing session connection of the client;
the network tuning module comprises:
the data statistics unit is used for counting the packet data quantity, the retransmission packet quantity and the packet response time in the threshold time in the network quality information for each client;
an abnormal IP determining unit, configured to obtain the number of packet data, the number of retransmission packets, and/or the client IP address when the packet response time exceeds a threshold condition;
the optimizing configuration unit is used for changing the IP network segment and/or the origin ASN routing information corresponding to the IP address of the client so as to optimize the network quality of the client;
the information determination module includes:
the information searching unit is used for searching the quantity of retransmission packets, uplink/downlink packet data and packet response time corresponding to the connection session in the connection session table when the connection session of the client is ended;
and the network quality information unit is used for taking the retransmission packet number, the uplink/downlink packet data and the packet response time as network quality information corresponding to the client.
9. An electronic device, the device comprising:
one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the network quality detection method of any of claims 1-7.
10. A computer readable storage medium having stored thereon a computer program, which when executed by a processor implements a network quality detection method according to any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010116711.0A CN111314179B (en) | 2020-02-25 | 2020-02-25 | Network quality detection method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010116711.0A CN111314179B (en) | 2020-02-25 | 2020-02-25 | Network quality detection method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111314179A CN111314179A (en) | 2020-06-19 |
| CN111314179B true CN111314179B (en) | 2024-01-23 |
Family
ID=71161943
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010116711.0A Active CN111314179B (en) | 2020-02-25 | 2020-02-25 | Network quality detection method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111314179B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112235322A (en) * | 2020-12-11 | 2021-01-15 | 广东睿江云计算股份有限公司 | Tcp transmission method and system thereof |
| CN113645092B (en) * | 2021-07-07 | 2022-12-30 | 深圳市优克联新技术有限公司 | Network quality evaluation method and device, terminal equipment and storage medium |
| CN113612791A (en) * | 2021-08-11 | 2021-11-05 | 湖南中车时代通信信号有限公司 | Network data monitoring equipment |
| CN114363209A (en) * | 2022-01-07 | 2022-04-15 | 北京百度网讯科技有限公司 | Performance detection method, device, equipment and storage medium based on TCP network |
| CN116866214B (en) * | 2023-06-21 | 2024-04-23 | 武汉博易讯信息科技有限公司 | Regional network quality analysis system based on statistical session |
| CN116996421B (en) * | 2023-09-28 | 2023-12-26 | 腾讯科技(深圳)有限公司 | Network quality detection method and related equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103023716A (en) * | 2012-11-26 | 2013-04-03 | 中怡(苏州)科技有限公司 | System and method for monitoring network quality with zero traffic consumption |
| CN104702445A (en) * | 2015-03-31 | 2015-06-10 | 清华大学 | User network optimizing method and system |
| CN104901851A (en) * | 2015-06-19 | 2015-09-09 | 北京快网科技有限公司 | Method and system detecting network quality |
| CN109587156A (en) * | 2018-12-17 | 2019-04-05 | 广州天懋信息系统股份有限公司 | Abnormal network access connection identification and blocking-up method, system, medium and equipment |
| CN109889547A (en) * | 2019-03-29 | 2019-06-14 | 新华三信息安全技术有限公司 | A kind of detection method and device of abnormal network equipment |
| CN110730111A (en) * | 2019-10-23 | 2020-01-24 | 北京锐安科技有限公司 | Network quality monitoring method, device, server and medium |
-
2020
- 2020-02-25 CN CN202010116711.0A patent/CN111314179B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103023716A (en) * | 2012-11-26 | 2013-04-03 | 中怡(苏州)科技有限公司 | System and method for monitoring network quality with zero traffic consumption |
| CN104702445A (en) * | 2015-03-31 | 2015-06-10 | 清华大学 | User network optimizing method and system |
| CN104901851A (en) * | 2015-06-19 | 2015-09-09 | 北京快网科技有限公司 | Method and system detecting network quality |
| CN109587156A (en) * | 2018-12-17 | 2019-04-05 | 广州天懋信息系统股份有限公司 | Abnormal network access connection identification and blocking-up method, system, medium and equipment |
| CN109889547A (en) * | 2019-03-29 | 2019-06-14 | 新华三信息安全技术有限公司 | A kind of detection method and device of abnormal network equipment |
| CN110730111A (en) * | 2019-10-23 | 2020-01-24 | 北京锐安科技有限公司 | Network quality monitoring method, device, server and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111314179A (en) | 2020-06-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111314179B (en) | Network quality detection method, device, equipment and storage medium | |
| US7623466B2 (en) | Symmetric connection detection | |
| JP4759389B2 (en) | Packet communication device | |
| CN108040057B (en) | Working method of SDN system suitable for guaranteeing network security and network communication quality | |
| CN106972985B (en) | Method for accelerating data processing and forwarding of DPI (deep packet inspection) equipment and DPI equipment | |
| JP4594258B2 (en) | System analysis apparatus and system analysis method | |
| US20090238088A1 (en) | Network traffic analyzing device, network traffic analyzing method and network traffic analyzing system | |
| CN108737447B (en) | User datagram protocol flow filtering method, device, server and storage medium | |
| CN108337652B (en) | Method and device for detecting flow fraud | |
| JP4988632B2 (en) | Packet relay device and traffic monitoring system | |
| JP2008035266A (en) | Technology of analyzing state of information system | |
| US20090240804A1 (en) | Method and apparatus for preventing igmp packet attack | |
| US10868839B2 (en) | Method and system for upload optimization | |
| WO2016169121A1 (en) | Link analysis method, device and system | |
| WO2024060408A1 (en) | Network attack detection method and apparatus, device and storage medium | |
| CN108512816B (en) | Traffic hijacking detection method and device | |
| JP2012038213A (en) | Determination device, determination method, and computer program | |
| WO2022100581A1 (en) | Method for processing ipfix message, storage medium, network switching chip and asic chip | |
| CN110300085B (en) | Evidence obtaining method, device and system for network attack, statistical cluster and computing cluster | |
| WO2020063661A1 (en) | Flow congestion monitoring method and device | |
| KR101338485B1 (en) | Quality of each service management Method and system in total IP network | |
| KR20060130892A (en) | Ddos detection and packet filtering scheme | |
| CN112671662A (en) | Data stream acceleration method, electronic device, and storage medium | |
| CN112769804A (en) | Internet security supervision method, system, computer equipment and readable storage medium | |
| CN115987766A (en) | Multi-segment comparison analysis method and system based on full-flow backtracking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |